Isn't the '550 no user here' a good enough indication of this is not my account?
~ Matt Vernhout Sent from my iPhone > On Aug 16, 2016, at 6:26 PM, Brandon Long via mailop <mailop@mailop.org> > wrote: > > I'm not sure what they're supposed to do. > > If they give you the information, they're giving you information that's not > yours, which is clearly a violation of privacy. > > If you have access to the email address, and you use that to get access to > data that's not yours, then you're the one doing the privacy violation. > > What they should have is a way to say "this isn't my account". I've seen > that commonly on first attempts (ie, Google's sign up will send a validation > message to your alternate/secondary email address, and that has a "this > wasn't me" link in it), but it's not common after the fact. > > With some mail, I've seen that you can edit the delivery preferences without > any other kind of login, I've done that sometimes to stop getting the > messages, even if that hasn't actually "fixed" the underlying problem. > > It's obviously a problem with address re-use as well. I'm not sure if these > specific hosts have ever implemented Yahoo's RRVS extension, if so you might > be able to get them to stop that way. > > Brandon > >> On Tue, Aug 16, 2016 at 1:34 AM, Michelle Sullivan <miche...@sorbs.net> >> wrote: >> Benoit Panizzon wrote: >>> Hi Michelle >>> >>>> Have a similar (though substantially smaller numbers) with Apple >>>> iCloud accounts... main problem there is people sending receipts for >>>> their purchases... you'd think they (the consumers) might be worried >>>> about a third-party getting all their (valid) credit card details, >>>> but I guess not.... >>> Apple has privacy issues with their AppleID's. I also got hit by emails >>> sending me newsletters and recipes from stuff I apparently purchased @ >>> apple. First I thought they were some kind of spam or phishing emails, >>> but upon close inspection, they looked genuine. >>> >>> So according to swiss privacy laws, I asked Apple to send me all the >>> data that was connected to my apparent AppleID and the source where >>> they got that data from. >>> >>> Their reply was: We cannot send you this data, because that AppleID >>> obviously does not belong to you and we have to protect the privacy of >>> that other person. And they kept sending me newsletters etc. pretending >>> that I was not the owner of the said email address used as AppleID. >>> >>> So I proceeded in recovering the password of that AppleID. Logged into >>> that account, found all the billing and personal information from a >>> person in Canada with a Name similar to mine. With that information I >>> asked apple again, how this person could create an AppleID with my >>> email address and learned, that the Email Address used as AppleID, when >>> created in an Apple Shop, are not being verified. What probably happened >>> was that the dealer mistyped the canadian customer's email address when >>> he bought an iPhone (the one I got the bill for) and had it configured >>> by that shop. >>> >> Which the funny thing is with such details I can now get people's emails, >> access to their password lists (if they stored in their iCloud keychain), >> locate them, erase their devices etc.. such a security risk in the name of >> privacy... not to mention as you pointed out privacy is out of the window >> when you use the 'recover password' function... along with security of any >> credit card associated with the account. >> >> -- >> Michelle Sullivan >> http://www.mhix.org/ >> >> >> _______________________________________________ >> mailop mailing list >> mailop@mailop.org >> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop > > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
